Cloud Computing Security using Blockchain
Cloud Computing
There are millions of websites in this Internet age. It takes a whole bunch of servers to maintain a site. The traffic on these servers must obviously be constant, and the servers themselves must be constantly monitored and maintained, and this requires a workforce.
To avoid self-maintenance, “cloud computing” is used. Cloud computing is the practice of using a network of remote servers to store, manage and process data from anywhere in the world. They are used instead of a local server or a personal computer. Cloud computing services are delivered to an organization’s devices over the Internet.
The advantages of this technology are reduced equipment and maintenance costs, availability, flexibility, and scalability.
There are basically 3 forms of cloud computing:
1. The first form is Software as a Service (SaaS), where subscribers are provided with off-the-shelf application software fully serviced by the provider. Cloud clients do not have control over the cloud infrastructure. SaaS examples: Amazon Web Services, SalesForce.com, Google Mail, and Office 365.
2. The second form is Platform as a Service (PaaS). The cloud service provider allows us to deploy our application and development and testing tools within the platform. The difference between SaaS and PaaS is that SaaS hosts the entire application in the cloud while PaaS provides a platform for the application. Google search engine and Heroku are examples of PaaS.
3. The third form is Infrastructure as a Service (IaaS), which offers the user direct access to storage, processing, and other network resources. IaaS examples: Amazon EC2, GoGrid.
Cloud Deployment Models
- Public cloud: A public cloud is a cloud infrastructure that is used simultaneously by several customers. It is open for public use by more than one client. Examples: Microsoft Azure and Google App Engine
- Private cloud: Primarily created on demand by individual customers, ensuring data ownership and security. It is safer but more expensive than the public cloud. Customers can optimize user access and can limit the networks used in the private cloud. Example: Eucalyptus System.
- Hybrid cloud: It is the union of two or more cloud deployment models. Hybrid clouds focus primarily on their own data centers but rely on public cloud resources to provide them with some computing. A very well-built hybrid cloud can be quite secure, but the challenge lies in effectively building and managing such a solution. Amazon Web Services is a prime example of a hybrid cloud.
- Community cloud: This cloud is mainly created for a specific community of consumers from various organizations with common problems. It may be owned, managed, and operated by one or more community companies. This kind of cloud is useful in the education or banking sectors. An example of such a cloud: Facebook.
Some disadvantages of clouds:
1. Data security: Although most providers provide security, data leaks do sometimes occur. One of the most notorious is the iCloud leak of celebrity photos.
2. Limited control. Cloud users have limited control over data in the cloud. They have the most control in IaaS, where they take control of the virtual machines and customize them to suit their needs.
3. Compatibility: Although this is a rare case, sometimes a client may need to use multiple clouds if they need continuous access to their data (after all, there are maintenance periods during which the clouds are not available). In this case, different clouds are not so easy to synchronize with each other.
4. No legal liability for service providers: Even cloud providers that host data with special security do not bear any responsibility in case of information security breaches. It happens that data stored in the cloud of one country is used in other countries. The question arises of which country’s laws will apply to the privacy of this data.
Blockchain
According to the authors of the article, blockchain is the future of those industries for which security and privacy are a priority.
The term “blockchain” usually refers to a data structure: a sequential chain of blocks in which each block contains its own hash and the hash of the previous block. The blocks are thus linked together, which makes it more difficult for attackers to change individual pieces of data, because changing a block changes its hash and forces all subsequent blocks and their hashes to be changed as well.
Blockchain technology organizes a transaction log, where a transaction can be not only a financial transaction, as we are used to, but any message in general. This is a fairly simple and powerful system built on cryptography, decentralization, and consensus. Blockchain network participants are called nodes. Together they form a decentralized network in which nodes actively participate in data validation and verification.
When a user wants to send transaction data to other network members, this transaction will be represented as a block. The block must be transmitted to other nodes in the network in order for them to approve the transaction and add the block to the chain.
Blockchain features
- Decentralization: In a traditional centralized network, nodes must be verified by a central trusted server. This approach introduces delays and increases computational costs. The blockchain consists of peer-to-peer blocks that do not require the participation of a third party. This means that the blockchain does not need to rely on a centralized server to store and update data, but rather on the honesty of most ordinary nodes.
- Immutability: Transaction data is validated before it is accepted into a block. Data in blocks cannot be faked. If someone tries to change the data, they will be easily caught because the data in the blocks are linked via a hash, and changing the data will invalidate the following blocks.
- Anonymity: Users do not disclose their personal data. An account can be opened without presenting identification documents if the blockchain is not controlled by a central authority that requires documents.
- Consensus: This is the way in which decentralized network nodes reach an agreement on the current state of the data in all blocks. Consensus guarantees the integrity of the data in the blockchain base.
- Data duplication: Full nodes store all blocks.
- Transaction History: All transactions on the blockchain are digitally signed by the sender and timestamped, making it easy for users to track and verify transaction information.
- Transparency: The transaction log is open to all nodes present on the same network.
Blockchain Access Types
Consider the main types of access to the blockchain:
1. A public blockchain is an open-access blockchain that anyone can join.
2. A private blockchain is a blockchain that nobody can simply join, because access is controlled by a central authority. Read access to the data on a private blockchain is opened to the public selectively.
3. A consortium blockchain is a partially decentralized chain. Responsibility for the administration of the blockchain may lie with several organizations. These pre-selected organizations establish access rights to perform transactions or access data. The rest of the nodes may have access to blockchain transactions, but do not take part in reaching consensus. Examples: Hyperledger and R3CEV.
Blockchain Nodes
A node is a device that belongs to a blockchain network. The node type is determined depending on the task it performs. There are the following types of nodes:
1. Mining nodes: Mining nodes always produce blocks for the blockchain. These nodes, during the mining process, simply check if a block can be added to the list. Mining nodes are not responsible for maintaining blocks — they only create blocks and add them to the chain. The added blocks are published on the network, where “full nodes” validate them and add them to the blockchain.
2. Full or Supernodes: Their job is to validate transactions up to the first block at the time of publication. After validation, the data is sent to all other nodes in the network. When there are more nodes, the network is more difficult to hack. A full node can be called a supernode depending on the number of transactions made. Supernodes are always active.
3. Light nodes: A light node stores information only about the block to which this node is connected (the parent node). Light nodes are most often pieces of software connected to full nodes and used to access the blockchain. Light nodes don’t run continuously and are therefore cheaper to maintain.
Smart Contracts
In 1994 (i.e. even before the advent of the blockchain), Nick Szabo first applied the idea of smart contracts. A smart contract can be digitally defined as a series of commitments that create trust between unfamiliar parties.
Smart contracts are applied in many scenarios such as insurance, business agreements, financial record data, mortgage loans, food supply chains, etc. Ethereum is one example of using smart contracts.
Digital Signatures
Each client has a private key and a public key. If the client wants to send any data, it must generate a hash value from the transaction data and then use its private key to encrypt the hash value. This process is called “digital signature” and the step is called “signing”. Digitally signed transactions are propagated throughout the network to the nodes present. The received payment information is decrypted using the public key. The decrypted hash value is verified by comparing it with the hash value obtained from the sender’s data. This phase is called the verification phase. The blockchain uses the Elliptic Curve Digital Signature Algorithm (ECDSA) for verification.
Consensus Algorithms
When a block needs to be added to the blockchain, that block must be validated by all nodes in the network. Consensus algorithms are mechanisms for reaching an agreement with the network to decide on the order of transactions and filter out invalid transactions. There are several consensus algorithms:
1. Proof of Work: Used in cryptocurrency blockchains. The PoW mechanism is based on the following idea. Each member of the network can take a set of transactions waiting to be logged and form a new block. However, the block formation process cannot, on average, be faster than a certain time, which is selected in advance depending on the total computing power of the blockchain network (for example, in bitcoin ~ 10 minutes).
A network participant called a miner solves a complex mathematical problem by brute force. The miner who solves it first forms a new block and receives a reward. Sometimes valid blocks are generated in parallel, when the target value is found almost simultaneously by several miners. Branches of blocks (competing forks) then form, and the longest chain is considered genuine.
In PoW, miners have to use a lot of computing power, and therefore spend a lot of energy. Also, users have to pay a commission to miners for verifying transactions.
2. Proof-of-Stake: This is the best alternative to PoW. The purpose of this algorithm is to correct the main disadvantages of PoW: low speed and poor network scalability. PoS abandons the idea of mining. Instead it uses staking, a mechanism in which new blocks are formed depending on the share of the cryptocurrency owned by the node. The more currency a network member has, the more likely it is that they will form a new block. This approach uses little power, is more scalable than PoW, and is much faster. Its drawback is the threat of centralization.
3. PBFT (Practical Byzantine Fault Tolerance): Used for various distributed systems. The node that receives the transaction broadcasts it to all nodes in the current network. The content of the transaction is not checked, because most network nodes are a priori considered to be carriers of valid information. Each node that has received data from all other nodes in the network checks them and, in case of receiving more than 2/3 of the votes for the transaction, accepts it. Such an algorithm does not require large energy consumption and has a relatively high performance with a small number of network participants.
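The Proof of Work mechanism from item 1, as an added example that is not taken from the cited article: mining brute-forces a nonce, checking a chain costs one hash per block, and the longest-chain rule is applied only to forks that verify. The block layout, the 14-bit difficulty and the sample payloads are assumptions chosen so the example runs in well under a second.

```python
import hashlib

BITS = 14                       # assumed toy difficulty: 14 leading zero bits
TARGET = 1 << (256 - BITS)
GENESIS = "0" * 64

def pow_hash(prev, payload, nonce):
    data = f"{prev}|{payload}|{nonce}".encode()
    return hashlib.sha256(data).hexdigest()

def mine(prev, payload):
    """Brute-force a nonce; expected cost is about 2**BITS hash evaluations."""
    nonce = 0
    while int(pow_hash(prev, payload, nonce), 16) >= TARGET:
        nonce += 1
    return {"prev": prev, "payload": payload, "nonce": nonce}

def tip(chain):
    if not chain:
        return GENESIS
    last = chain[-1]
    return pow_hash(last["prev"], last["payload"], last["nonce"])

def extend(chain, payload):
    return chain + [mine(tip(chain), payload)]

def valid(chain):
    """Verification costs one hash per block, however long mining took."""
    prev = GENESIS
    for block in chain:
        digest = pow_hash(prev, block["payload"], block["nonce"])
        if block["prev"] != prev or int(digest, 16) >= TARGET:
            return False
        prev = digest
    return True

def choose_fork(forks):
    """Longest-chain rule from the text, applied only to chains that verify."""
    return max((c for c in forks if valid(c)), key=len, default=None)

def demo():
    # Constructed scenario: two miners extend the same base block concurrently.
    base = extend([], "tx: genesis batch")
    fork_a = extend(base, "tx: miner A batch 1")
    fork_b = extend(extend(base, "tx: miner B batch 1"), "tx: miner B batch 2")
    forged = [dict(b) for b in extend(fork_b, "tx: padding")]
    forged[0]["payload"] = "tx: rewritten history"   # edited without re-mining
    return fork_a, fork_b, forged
```

The forged chain is the longest of the three, but it fails verification at the edited block, so `choose_fork` selects `fork_b`.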
Blockchain Issues
Undoubtedly, blockchain is a promising emerging technology. However, it faces some problems. These include:
1. Scalability: Every day, the number of transactions in the blockchain increases, which leads to the need to store more data on each full node.
2. Normative acts and laws: The advent of the blockchain has led to changes in the systems of law and legislation. Blockchain has caused a number of legal issues due to the lack of proper laws. In India, for example, cryptocurrency cannot be used as a means of payment for goods or services but can be a means of investment and a subject of trade on the stock exchange.
Cloud and Blockchain Integration
In order to promote the development of cloud computing and overcome privacy and security concerns, it is proposed to integrate blockchain into the cloud.
Blockchain technology and cloud computing can be combined. When a cloud integrates with a blockchain, the different clouds are treated as nodes. And inter-node communication is possible in the blockchain. All nodes on the same network communicate with each other so that each node contains a copy of the transactions.
Blockchain helps overcome some of the cloud-related data security issues due to its properties.
- Due to the anonymity of the blockchain, the leakage of personal data is impossible.
- Due to immutability, blockchain protects data from falsification.
- By duplicating data, it is possible to increase the fault tolerance of a blockchain system.
Let’s consider the option of using blockchain integration in cloud computing.
Fail-safe systems with data encryption
We can use many clouds, each of which we do not trust, but at any given time we trust the majority of them. Let’s take the computing power from each cloud, and take the properties of counteracting data falsification from the blockchain. The blockchain has duplication properties, and the same data is stored in different clouds (which are the nodes of the blockchain), which will also achieve constant data availability.
Consider a scenario where blockchain is used to schedule user tasks in the cloud. To ensure confidentiality, timeliness, and continuous data integrity, the control system takes the task entered by the user and first encrypts it, then creates an encrypted block, calculates the hash of the block, and writes it to the blockchain. Each node in the network contains a copy of each transaction, which ensures high data availability (minimization of downtime). Blockchain also helps the network to withstand potential failures and attacks.
In such a system, cloud computing does the work of the blockchain nodes. For example, each cloud can be represented as a supernode that performs mining and validation physically on several computers. This allows the system to be scaled to any size by a cloud provider, which can sell the operation of the described system as a service.
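An added example (not from the cited article) covering both the hash-linked block structure described in the Blockchain section and the multi-cloud scheme above: each cloud holds a copy of a chain of encrypted task blocks, and an auditor checks every copy and accepts the head hash held by a strict majority. The cloud names, block fields and ciphertext strings are constructed, and the encryption step is assumed to have happened already.

```python
import copy, hashlib, json
from collections import Counter

GENESIS = "0" * 64

def block_hash(block):
    body = [block["index"], block["prev"], block["ciphertext"]]
    return hashlib.sha256(json.dumps(body).encode()).hexdigest()

def append(chain, ciphertext):
    """Append a block carrying an already-encrypted task (opaque hex string)."""
    block = {"index": len(chain), "ciphertext": ciphertext,
             "prev": chain[-1]["hash"] if chain else GENESIS}
    block["hash"] = block_hash(block)
    chain.append(block)

def first_bad_block(chain):
    """Index of the first block whose stored hash or back-link fails, else None."""
    prev = GENESIS
    for i, block in enumerate(chain):
        if block["prev"] != prev or block["hash"] != block_hash(block):
            return i
        prev = block["hash"]
    return None

def audit(replicas):
    """Return (majority head hash or None, names of replicas to distrust)."""
    heads = {name: chain[-1]["hash"] for name, chain in replicas.items()
             if chain and first_bad_block(chain) is None}
    if heads:
        head, votes = Counter(heads.values()).most_common(1)[0]
        if 2 * votes > len(replicas):
            return head, sorted(n for n in replicas if heads.get(n) != head)
    return None, sorted(replicas)        # no strict majority: trust no copy

def demo():
    # Constructed sample: five clouds replicate three encrypted task blocks.
    honest = []
    for ct in ("a1f3", "9c20", "5be7"):
        append(honest, ct)
    clouds = {f"cloud-{c}": copy.deepcopy(honest) for c in "abcde"}
    clouds["cloud-d"][1]["ciphertext"] = "ffff"   # in-place edit, hashes left stale
    rewritten = []                                 # full rewrite with fresh hashes
    for ct in ("a1f3", "0000", "5be7"):
        append(rewritten, ct)
    clouds["cloud-e"] = rewritten
    return honest, clouds
```

The copy on `cloud-e` passes its own hash check because every hash was recomputed; only the comparison against the majority head exposes it, which is where the assumption that most clouds are trustworthy does its work.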
Conclusion
Cloud computing has been around for many years. But people are still trying to overcome some cloud computing issues like data security, data management, interoperability, etc. But clouds also have advantages, such as scalability.
Blockchain technology is an emerging technology well known for its security when applied to cryptocurrencies. But it also has disadvantages, such as scalability.
By integrating blockchain into cloud computing, you can get many benefits: data trust, security, and scalability. There are no specific technologies that implement such integration yet, but they are not far off!
The article cited in the introduction:
C. V. N. U. B. Murthy, M. L. Shri, S. Kadry and S. Lim, “Blockchain-Based Cloud Computing: Architecture and Research Challenges,” in IEEE Access, vol. 8, pp. 205190–205205, 2020, doi: 10.1109/ACCESS.2020.3036812.